Previous Topic: Partial Password AuthenticationNext Topic: OATH One-Time Password Authentication

CA AuthMinder Java Developer's GuideAuthenticating UsersOne-Time Password Authentication

One-Time Password Authentication

One-Time Password (OTP) is a numeric or an alpha-numeric string that is generated by the AuthMinder Server. AuthMinder supports OTPs that can be reused pre-configured number of times. You can specify this setting by using the Administration Console. The OTP lifetime depends on the duration for which it is valid and number of times it can be used.

To perform OTP authentication:

  1. Implement the logic to collect the OTP from the user.
  2. (Optional) If you are implementing a plug-in, then invoke the setAdditionalInput() method in the AdditionalInput class to obtain an object that implements the class.

    See "Preparing Additional Input" for more information.

  3. Invoke the verifyOTP() method of the OTPAuth interface to verify the OTP of the user. Optionally, you can also specify the token type that must be returned to the user after successful authentication by using the AuthTokenType class.

    This method returns an instance of the AuthResponse interface, which provides the transaction details, credential details, and token information.